LISTING OF CLAIMS 

1-8. (canceled) 

9. (currently amended) A server being equipped for 
establishing a trustworthy connection between a user 
and a terminal via a user input device comprising: 

a communication component for establishing and 
conducting communications along a first trusted 
connection with the terminal and along a second trusted 
connection with said user input device , wherein the 
first trusted connection is separate from the second 
trusted connection ; 

receiver means for receiving at least one 
authentication request from said terminal; 

at least one authentication component for verifying the 
authenticity of the terminal; and 

a message generation component for generating at least 
one authenticity output message for delivery to said 
user input device along said second trusted connection 
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without delivery of said message along the first 
trusted connection between the terminal and the server . 

10. (original) The server according to claim 9 further 
comprising a session key creation component for 
creating a session key to be communicated to said 
terminal . 

11. (original) The server according to claim 9 further 
comprising at least one storage location for storing at 
least one user-specific authenticity output message and 
wherein said message generation component accesses the 
stored at least one user-specific authenticity output 
message for display to the user at said terminal. 

12. (currently amended) A method for establishing a 
trustworthy connection between a user via a personal 
user device and a terminal which is connected to and 
authenticatable by at least one server which is 
authenticatable by said user device, comprising: 

said server authenticating said terminal; 



SZ998-041 



-3- 



establishing a first authenticated trusted connection 
upon success of said authenticating; 

said server authenticating itself to said user device; 

establishing a second trusted connection between said 
server and said user device , wherein the first trusted 
connection is separate from the second trusted 
connection ; and 

said server providing a terminal authenticity message 
to said user device via said established second trusted 
connection confirming the established authenticity of 
said terminal without communicating the terminal 
authenticity message along the first connection between 
the terminal and the server . 

13. (original) The method according to claim 12 further 
comprising communicating said terminal authenticity 
message to said user. 

14. (original) The method according to claim 13 wherein 
said communicating comprises displaying said message by 
said device. 
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15. (original) The method according to claim 13 wherein 
said communicating comprises displaying said message by 
said terminal. 

16. (original) The method according to claim 12 wherein 
said providing a terminal authenticity message 
comprises accessing at least one stored user-specific 
message . 

17. (original) The method according to claim 12 wherein 
said providing a terminal authenticity message 
comprises exchanging a predetermined set of messages 
with said user. 

18. (original) The method according to claim 15 wherein 
stored predetermined authentication information (vec) 
is communicated from the device to the terminal for 
creating there an authenticity output message (itio) . 

19. (original) The method, according to claim 12 further 
comprising the device authenticating itself to the 
terminal . 
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20. (original) The method according to claim 12 further 
comprising the device requesting that the user 
authenticate himself. 



21. (original) The method according to claim 14 wherein 
the device outputs the terminal authenticity message 
including at least one of visible, audible and tactile 
information . 

22. (original) The method according to claim 15 wherein 
the terminal outputs the terminal authenticity message 
including at least one of visible, audible and tactile 
information. 

23. (original) The method according to claim 21 wherein 
the message is output only partially by the device, 
according to a preselection by the user. 

24. (original) The method according to claim 21 wherein 
the message is output only partially by the terminal 
according to a preselection by the user 

25. (original) The method according to claim 12 further 
comprising authenticating the device to the server. 



SZ998-041 -6- 



26. (original) The method according to claim 12 further 
comprising authenticating the user. 

27-29. (canceled) 

30. (currently amended) A program storage device 
readable by machine, tangibly embodying a program of 
instructions executable by the machine to perform 
method steps for a server to establish a trustworthy 
connection with between a user via a user device and efe 
a terminal, said method steps comprising: 

said server authenticating said terminal; 

establishing a first authenticated trusted connection 
upon success of said authenticating; 

said server authenticating itself to said user device; 

establishing a second trusted connection between said 
server and said user device / wherein the first trusted 
connection is separate from the second trusted 
connection ; and 

said server providing a terminal authenticity message 
to said user device via said established second trusted 
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connection confirming the established authenticity of 
said terminal without communicating the terminal 
authenticity message along the first connection between 
the terminal and the server . 

31. (canceled) 
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